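<?php
/**
 * Admin action: delete one database backup file from DBDir . 'backup/'.
 *
 * Flow: refuse direct access, require admin level >= 2, validate the requested
 * file name, pass the path to file_backup(), unlink it, then write an audit
 * log entry and show the outcome.
 *
 * NOTE(review): this is a destructive action driven by a request parameter and
 * no anti-CSRF token check is visible in this file. Confirm that the including
 * script enforces one.
 */
if (!defined('admin')) {
    // Must be reached through the admin entry point, never requested directly.
    exit();
}

// adminmsg() is defined elsewhere. Exit explicitly so the privilege check
// fails closed even if adminmsg() returns instead of terminating the request.
if (get_admin_level() < 2) {
    adminmsg('', "您没有操作的权限");
    exit();
}

$requested = getGet('file');
$filename = '';

// Reject non-string input (e.g. an array-valued parameter) before any string handling.
if (is_string($requested) && file_ext($requested) === "sql") {
    // Replacements run in the listed order. Removing both path separators is
    // what confines the name to the backup directory; the '..' removal alone
    // would not, because stripping a backslash afterwards can re-form '..'.
    $candidate = str_replace(['*', '?', '..', '/', '\\'], '', $requested);

    // Stripping can remove the dot before the extension ("a..sql" -> "asql"),
    // so the extension is verified again on the name that is actually used.
    if (file_ext($candidate) === "sql") {
        $filename = $candidate;
    }
}

if ($filename === '') {
    adminmsg('', "缺少参数");
} else {
    $path = DBDir . 'backup/' . $filename;

    // Only touch an existing regular file. '@' keeps a failed unlink() from
    // printing the server path; the return value is checked instead of ignored.
    $deleted = false;
    if (is_file($path)) {
        file_backup($path);
        $deleted = @unlink($path);
    }

    // NOTE(review): $filename is request-derived. Confirm that log_todb()
    // parameterises its query and that the log viewer escapes it on output.
    if ($deleted) {
        log_todb("操作日志", getadminname() . "删除数据库备份文件：" . $filename);
        adminmsg('', "删除完成");
    } else {
        // Record the failed attempt so the audit trail never claims a deletion that did not happen.
        log_todb("操作日志", getadminname() . "删除数据库备份文件失败：" . $filename);
        adminmsg('', "删除失败");
    }
}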
